Sandbox AVFS process with seccomp filter mechanism on ARM.
This CL adds a seccomp filter policy file "avfsd-seccomp-arm.policy" for
sandboxing AVFS processes on ARM platforms.
BUG=chromium-os:31698
TEST=Tested the following:
1. Build cros-disks for arm-generic and verify that
avfsd-seccomp-arm.policy is installed as
/opt/google/cros-disks/avfsd-seccomp.policy on the final image.
2. Run the platform_CrosDisksArchive test.
3. Manually test mounting and unmounting some Zip, RAR, tar, tar.gz,
and tar.bz2 files through the CrOS file manager.
Change-Id: If0f726c5738e3a38fcc45232a19b8e2f6560ce2d
Reviewed-on: https://gerrit.chromium.org/gerrit/28242
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
Commit-Ready: Ben Chan <benchan@chromium.org>
Tested-by: Ben Chan <benchan@chromium.org>
1 file changed
